About these ads

Archive

Posts Tagged ‘Cyber Crime’

1-15 January 2013 Cyber Attacks Statistics

January 20, 2013 Leave a comment

Here are the statistics for the Cyber Attacks occurred in the first half of January 2013 and included inside the corresponding Cyber Attack Timeline.

The Daily Trend of January shows a couple of peaks in correspondence of the 3rd and the 10th of January, during the DDoS attacks of the Izz ad-Din al-Qassam Cyber Fighters (another minor peak occurred during the 8th of January. On average the sample included 4.67 attacks per day.

1-15 Jan 2013 Daily Trend

Even the attack by the Islamist collective contributed to the overtake of the hacktivism against cyber crime shown in the Motivations Behind Attacks chart. One attack on two of the sample was done for this purpose, even if the authors with different connotations: from the protests against the infamous video “The Innocence of Muslims”, to the retaliation for the suicide of Aaron Swartz, going through the different operations carried on by the Anonymous.

1-15 Jan 2013 Motivations

In any case, the Distribution of Attack Techniques chart shows frequency of DDoS Attacks did not prevent the SQL Injection of being the preferred weapon for cybercrooks with the 35% of occurrences. DDoS is immediately behind with the 27% of occurrences.

1-15 Jan 2013 Distribution

However, the Distribution Of Targets chart shows that targets belonging to finance were the most preferred in this period with the 25% of preferences, certainly a consequence of the wave of DDoS attacks against US Banks. Governmental targets are very close with the 24% of occurrences. Industry targets complete the podium with the 13%, just before targets belonging to Organizations and Education, respectively with the 8% and 7%.

1-15 Jan 2013 Targets

As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the 1-15 January 2013 Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

 

About these ads

1-15 December 2012 Attack Statistics

December 22, 2012 Leave a comment

Let us gave a look to the landscape of Cyber Attacks, during the first half of December 2012. Apparently cybercrooks are taking a break for Christmas, since, according to my selection Criteria, the number of attacks has shown a small decrease in comparison with the previous months.

The Daily Trend shows an inconstant trend with two peaks around respectively the 3rd December and the 11th and 12th (the latter due to the peak of Cyber Attacks against the US Banks).

Daily Trend 1-15 December 2012The Motivations Behind Attacks chart shows, for the first time since August, the overtake of Hacktivism against Cyber Crime. Let us see if this trend will be confirmed until the end of the year.

Motivations 1-15 December 2012

The Distribution Of Attacks chart confirms that SQL Injection confirms to be the weapon preferred by Cyber Attackers with nearly one third of the occurrences (the value reaches nearly the 40% if one sums also the cases in which the attack seems to have been carried on with this technique but no enough evidences have been collected). In my opinion it is also important to notice the presence in the chart of several attacks perpetrated exploiting application vulnerabilities, but also the growing presence of targeted attacks (as usual you can find the details on the corresponding Cyber Attack Timeline.

Distribution 1-15 December 2012

Instead, at least for the first half of the month, the Distribution of Targets chart seems quite fragmented. Governmental targets lead the chart, but Financial, Industrial and Organizational targets are very close. Maybe the fragmentation depends from the partial sample. The second half of December will tell us if cybercrooks will concentrate their attacks against a specific sector.

Targets December 2012

As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). To do so, you can use this form.

November 2012 Cyber Attacks Statistics

December 9, 2012 3 comments

From an information security perspective, November has been a month with two faces. The first part of the month has been characterized by hacktivism, nevertheless the Cyber Crime has reached an unprecedented level with the 69% of occurrences.

Let us begin with the Daily Trend chart. This chart confirms the influence of cyber attacks motivated by hacktivism in the first half of the month that explain the peak around the 5th of November.

Daily Trend Nov 2012

Despite the peak of attacks motivated by hacktivism occurred in the first half of the November, the Motivations Behind Attacks chart confirms the predominance of Cyber Crime with nearly the 69% of occurrences, followed by Hacktivism with the 28%. This growing trend of Cyber Crime is in line with the previous months even if the frequency has reached an unprecedented value (the higher so far).

Motivations Nov 2012

Also in November, the Distribution Of Attack Techniques Chart confirms the predominance of SQL Injection. Nearly one attack on two has been carried on with this technique. It is also interesting to notice the presence of DNS Poisoning: November has brought three attacks executed with this method.

Techniques Nov 2012

The Distribution Of Targets chart shows the preference of cyber-crooks for targets belonging to the Industry sector. Even if the difference with governmental targets is only one point (19% against 18%), this is in contrast with the previous month where the ranks were exactly opposed (governmental targets led the chart with the 31%). Educational targets are “stable” at the 11% (were the 13% during the previous month). Curiously this month has registered a peak of attacks against Torrent sites.

Targets Nov 2012

As usual, no need to remind that the sample must be taken very carefully since it refers only to discovered attacks included in the November Cyber Attacks Timeline (the so-called tip of the iceberg), and hence it does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 November 2012 Cyber Attacks Statistics

November 23, 2012 Leave a comment

This November 2012 seems really to be endless from an Information Security Perspective. We have assisted so far to a remarkable number of Cyber Attacks.

As usual is it time to provide the partial snapshot of November taken from the corresponding Cyber Attack Timeline and covering the first half of the month. Please notice that the stats below do not include the following events:

  • The massive leak of Team Ghostshell for ProjectBlackStar (2.5 million accounts leaked from different targets in Russia);
  • The Cyber Attacks executed by the Anonymous and the other affiliated collectives for OpIsrael.

The above attacks have been executed on a much wider scale so counting the singe events would be senseless. Anyway other Sites have done an excellent Job for the aggregated stats of those attacks, see for instance OZDC.net for Project Black Star, and OpIsrael.

With this in mind let us proceed to examine the Daily Trend Of Attacks. Please notice the peak of November 5 (no need to comment it!):

Of course the Motivations Chart reflects this trend with the 60% of the attacks considered in my sample led by hackitivism. Apparently no different motivations than Hacktivism and Cyber Crime have been observed in this period.

I use not to take into considerations defacements, but this time their impact on the past two weeks has been very high. This is clearly shown in the Techniques Chart, where they rank at the first place, together with SQL Injection, with the 33% of occurrences:

As usual, the Target chart shows that Governmental targets rank at number one, immediately followed by targets belonging to Industry. Please notice the peak of Torrent Sites. This is due to the waves of DDoS Attacks carried on by Zeiko Anonymous, only because he has not been able to obtain an invite to a close torrent forum. Nothing to add: the reasons for hacking may range from Cyberwar to “simple” whims.

Please, as usual, take the sample very carefully since it refers only to discovered attacks (the so-called tip of the iceberg), and hence does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

October 2012 Cyber Attacks Statistics

November 6, 2012 1 comment

It’s time for the statistics derived from the Cyber Attacks Timeline of October 2012 (Part I and Part II).

Let us begin with the Daily Trend that has seen a revamp of the Cyber Attacks in the second part of the month, with a marked decrease towards the end of the month (maybe in preparation of the massive wave of cyber attacks we are experiencing in conjunction with the 5th of November, the so-called #5Nov or #OpVendetta).

The Motivations Behind Attacks chart confirms the predominance of Cyber Crime with nearly the 59% of occurrences, followed by Hacktivism with the 37.3%. Apparently October has confirmed the trend of September with similar percentages.

The Distribution Of Attack Techniques Chart confirms the predominance of SQL Injection over Distributed Denial Of Service but the two have only 5 points of difference, in clear contrast with the findings of the previous month when the percentages were respectively: 42.1% and 18.2%. It is interesting to notice that, on average, approximately one attack on five has no useful details to identify the used techniques, probably this is a side effect of the sample that is very heterogeneous.

Nothing new, the distribution Of Targets Chart confirms the preference of Cyber Crooks against Government targets which rank at number one with the 31.4% of occurrences, nearly 8 points more than September. Industry targets rank at number two with nearly 17% of occurrences, hence substantially stable (the previous month the value was 14.6%). Great jump of the targets belonging to education that rank at number three with the 12.7% of occurrences, while finance confirms the fourth place (in cohabitation with online services) with the 7.8% of occurrences.

Please, as usual, take the sample very carefully since it refers only to discovered attacks (the so-called tip of the iceberg), and hence does not pretend to be exhaustive but only aims to provide an high level overview of the “cyber landscape”.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

1-15 October 2012 Cyber Attack Statistics

October 22, 2012 Leave a comment

Here’s the partial snapshot for the Cyber Landscape in October. I have deliberately decided not to include in the statistics the massive Cyber Attack against the Universities executed by Team Ghost Shell, since, in my opinion, it would not have been formally correct include into the sample, this wave of cyber attacks which have been distributed in several months, and disclosed all at once.

In any case, looking at the sample including all the other attacks collected in October, according to the Daily Trend they were mainly concentrated at the beginning of the month:

For what concerns the Motivations Behind Attacks chart, Cyber Crime ranks at number one, with nearly the 58%, approximately at the same level of September (when it was at 55%). Interesting to notice, for the first half of October, the rise of events related to Cyber Warfare, mainly related to what is happening in the Middle East, and in particular in Iran, that suffered a couple of noticeable cyber attacks. In this landscape, the events related to hacktivism appear in decrease with the 35% of the events.

Even if the events related to hacktivism seem to be decreasing, the Distribution Of Attack Techniques shows a revamp of DDoS (the favourite weapon of hacktivists), mainly due to the wave of DDoS Cyber Attacks against the U.S. banks. Even if approximately one-fourth of the attacks has an unknown origin, SQL is stable at rank number three with the 22.5% of occurrences. It also worth to mention the 5% gained by Targeted Attacks.

Last but not least, the Distribution Of Targets chart, that confirms the weakness of the targets belonging to Government, ranking at number one with nearly one-third of the occurrences. It does not matter if the reason is hacktivism or cyber crime, Governments keep on to be the preferred victims of cybercrooks, at least for this first half of October.

Again, I will never get tired of repeating that data must be taken very carefully since they do refer only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the considered period.

In any case, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

September 2012 Cyber Attacks Statistics

October 8, 2012 1 comment

It’s time for the statistics derived from the Cyber Attacks Timeline of September 2012 (Part I and Part II).

I have decided to add another chart reporting the Daily Trend for the Cyber Attacks. According to collected data, the first week of the month has shown the higher concentration of events.

The Motivations Behind Attacks chart reveals the predominance of Cyber Crime which ranked, in September, at number one with the 55% of occurrences, followed by Cyber Crime, at number two with the 42% of occurrences. This is in contrast with the result of the previous month, in which the ranks were pratically inversed (respectively 58% Hacktivism and 36% Cyber Crime).

The Distribution Of Attack Techniques Chart confirms the predominance of SQL Injection over Distributed Denial Of Service. Interesting to notice the position of Targeted Attacks at the fifth place with the 5% of occurrences (I wonder how many will go undetected). Of course the main purpose of Targeted Attacks is to remain undetected for long time. Is the fact that they appear in the chart a sign of increasing detection capabilities by technological and human countermeasures?

Last but not least, the Distributon Of Targets Chart confirms the preference of Cyber Crooks against Government targets which rank at number one with the 23.6 of occurrences. Industry targets rank at number two with nearly 15% of occurrences, immediately before targets belonging to various organizations which rank at the third place with 12.2% of occurrences. Targets belonging to finance rank at number four with the 9% of occurrences, mainly due to the wave of DDoS Cyber attacks against U.S. Banks.

Again, I will never get tired of repeating that data must be taken very carefully since they do refer only to discovered attacks (the so-called tip of the iceberg), and hence do not pretend to be exhaustive but only aim to provide an high level overview of the “cyber landscape” of the considered period.

In any case, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated), at the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Follow

Get every new post delivered to your Inbox.

Join 3,089 other followers